TWI525448B - Remote trust attestation and geo-location of servers and clients in cloud computing environments - Google Patents

Remote trust attestation and geo-location of servers and clients in cloud computing environments

Info

Publication number
TWI525448B
Authority
TW
Taiwan
Prior art keywords
cloud
trust
communication
interface
whitelist
Prior art date
Application number
TW102102900A
Other languages
English (en)
Chinese (zh)
Other versions
TW201403346A (zh)
Inventor
耶拉里 瑞格朗
Original Assignee
英特爾股份有限公司
Priority date
Filing date
Publication date
Application filed by 英特爾股份有限公司
Publication of TW201403346A
Application granted
Publication of TWI525448B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884 Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)
  • Multi Processors (AREA)
TW102102900A 2012-01-30 2013-01-25 Remote trust attestation and geo-location of servers and clients in cloud computing environments TWI525448B (zh)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2012/023188 WO2013115776A1 (en) 2012-01-30 2012-01-30 Remote trust attestation and geo-location of of servers and clients in cloud computing environments

Publications (2)

Publication Number Publication Date
TW201403346A (zh) 2014-01-16
TWI525448B (zh) 2016-03-11

Family

ID=48905635

Family Applications (1)

Application Number Title Priority Date Filing Date
TW102102900A TWI525448B (zh) 2012-01-30 2013-01-25 Remote trust attestation and geo-location of servers and clients in cloud computing environments

Country Status (6)

Country Link
US (1) US9910972B2 (de)
EP (1) EP2810403B1 (de)
CN (1) CN104081713B (de)
BR (1) BR112014018826A8 (de)
TW (1) TWI525448B (de)
WO (1) WO2013115776A1 (de)

Families Citing this family (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9910972B2 (en) 2012-01-30 2018-03-06 Intel Corporation Remote trust attestation and geo-location of servers and clients in cloud computing environments
US9256742B2 (en) 2012-01-30 2016-02-09 Intel Corporation Remote trust attestation and geo-location of servers and clients in cloud computing environments
US9367688B2 (en) * 2012-06-22 2016-06-14 Intel Corporation Providing geographic protection to a system
EA201590559A1 (ru) * 2012-09-13 2015-10-30 Диджитата Лимитед Management of consumer-type service contracts
CN104718719B (zh) * 2012-10-16 2018-03-27 诺基亚技术有限公司 Method and apparatus for attested sensor data reporting
US10389709B2 (en) * 2014-02-24 2019-08-20 Amazon Technologies, Inc. Securing client-specified credentials at cryptographically attested resources
EP3155833B1 (de) * 2014-06-13 2019-01-02 Philips Lighting Holding B.V. Lokalisierung basierend auf einem netzwerk von drahtlosen knoten
CN104901959A (zh) * 2015-05-26 2015-09-09 浪潮电子信息产业股份有限公司 Method and system for verifying the trustworthiness of a computing pool
US9887882B2 (en) 2015-06-12 2018-02-06 At&T Intellectual Property I, L.P. Referent system for devices of an NFV network
CN105049257A (zh) * 2015-08-12 2015-11-11 北京因特信安软件科技有限公司 Cloud platform scheduling method based on trusted geographic location information
US10484429B1 (en) * 2016-10-26 2019-11-19 Amazon Technologies, Inc. Automated sensitive information and data storage compliance verification
US10482034B2 (en) * 2016-11-29 2019-11-19 Microsoft Technology Licensing, Llc Remote attestation model for secure memory applications
US10467124B2 (en) * 2016-12-19 2019-11-05 General Electric Company Certification process for cloud platform
CA3051411C (en) * 2017-01-25 2023-03-28 Cable Television Laboratories, Inc. Systems and methods for authenticating platform trust in a network function virtualization environment
CN106936816B (zh) * 2017-02-15 2020-09-01 海尔优家智能科技(北京)有限公司 Method and system for querying location
US10783235B1 (en) * 2017-05-04 2020-09-22 Amazon Technologies, Inc. Secure remote access of computing resources
US10033756B1 (en) 2017-10-26 2018-07-24 Hytrust, Inc. Methods and systems for holistically attesting the trust of heterogeneous compute resources
US11223631B2 (en) 2018-04-06 2022-01-11 Hewlett Packard Enterprise Development Lp Secure compliance protocols
US11016798B2 (en) 2018-06-01 2021-05-25 The Research Foundation for the State University Multi-hypervisor virtual machines that run on multiple co-located hypervisors
CN113302893B (zh) * 2019-01-08 2022-11-18 华为云计算技术有限公司 Method and apparatus for trust verification
CN109977665B (zh) * 2019-03-22 2021-01-01 北京工业大学 TPCM-based anti-theft and anti-tampering method for the cloud server boot process

Family Cites Families (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7117366B2 (en) 2002-01-08 2006-10-03 International Business Machines Corporation Public key based authentication method for transaction delegation in service-based computing environments
CN100566255C (zh) * 2007-02-01 2009-12-02 北京飞天诚信科技有限公司 Method and system for improving the security of a smart key device
US8156298B1 (en) 2007-10-24 2012-04-10 Adam Stubblefield Virtualization-based security apparatuses, methods, and systems
US8950007B1 (en) * 2008-04-07 2015-02-03 Lumension Security, Inc. Policy-based whitelisting with system change management based on trust framework
KR100948693B1 (ko) 2008-10-08 2010-03-18 한국전자통신연구원 Internet protocol conversion apparatus and method for supporting protocol interworking between heterogeneous networks using a virtual platform
US9106540B2 (en) * 2009-03-30 2015-08-11 Amazon Technologies, Inc. Providing logical networking functionality for managed computer networks
US7941379B1 (en) * 2009-06-25 2011-05-10 Symantec Corporation Systems and methods for using geo-location information in sensitive internet transactions
US8490150B2 (en) * 2009-09-23 2013-07-16 Ca, Inc. System, method, and software for enforcing access control policy rules on utility computing virtualization in cloud computing systems
US8619779B2 (en) 2009-09-30 2013-12-31 Alcatel Lucent Scalable architecture for enterprise extension in a cloud topology
KR20110051028A (ko) 2009-11-09 2011-05-17 주식회사 케이티 Cloud computing system equipped with a security function
US8924569B2 (en) 2009-12-17 2014-12-30 Intel Corporation Cloud federation as a service
US8938782B2 (en) 2010-03-15 2015-01-20 Symantec Corporation Systems and methods for providing network access control in virtual environments
US8793439B2 (en) 2010-03-18 2014-07-29 Oracle International Corporation Accelerating memory operations using virtualization information
US8505003B2 (en) 2010-04-28 2013-08-06 Novell, Inc. System and method for upgrading kernels in cloud computing environments
JP2013528872A (ja) 2010-06-02 2013-07-11 ヴイエムウェア インク Protection of customer virtual machines in a multi-tenant cloud
TW201145936A (en) 2010-06-08 2011-12-16 Sun Hon Technology Corp Applying operation Bonder Bonder Authentication and human-machine Authentication method
US8601129B2 (en) 2010-06-30 2013-12-03 International Business Machines Corporation Hypervisor selection for hosting a virtual machine image
CN102316203B (zh) 2011-09-21 2015-09-16 广州市动景计算机科技有限公司 Cloud-computing-based method and apparatus for preventing harassing phone calls, and mobile terminal
US9519781B2 (en) * 2011-11-03 2016-12-13 Cyphort Inc. Systems and methods for virtualization and emulation assisted malware detection
US9992024B2 (en) * 2012-01-25 2018-06-05 Fujitsu Limited Establishing a chain of trust within a virtual machine
US9256742B2 (en) 2012-01-30 2016-02-09 Intel Corporation Remote trust attestation and geo-location of servers and clients in cloud computing environments
US9910972B2 (en) 2012-01-30 2018-03-06 Intel Corporation Remote trust attestation and geo-location of servers and clients in cloud computing environments

Also Published As

Publication number Publication date
US20140109191A1 (en) 2014-04-17
EP2810403A1 (de) 2014-12-10
US9910972B2 (en) 2018-03-06
EP2810403A4 (de) 2015-10-07
WO2013115776A1 (en) 2013-08-08
BR112014018826A2 (de) 2017-06-20
TW201403346A (zh) 2014-01-16
BR112014018826A8 (pt) 2017-07-11
CN104081713A (zh) 2014-10-01
CN104081713B (zh) 2018-08-17
EP2810403B1 (de) 2019-09-25

Similar Documents

Publication Publication Date Title
TWI525448B (zh) Remote trust attestation and geo-location of servers and clients in cloud computing environments
US9774602B2 (en) Remote trust attestation and geo-location of servers and clients in cloud computing environments
US10705894B2 (en) Electronic device for authenticating application and operating method thereof
US10726120B2 (en) System, apparatus and method for providing locality assertion between a security processor and an enclave
US10541804B2 (en) Techniques for key provisioning in a trusted execution environment
US20180097809A1 (en) Securing access to cloud components
US9147076B2 (en) System and method for establishing perpetual trust among platform domains
US11343082B2 (en) Resource sharing for trusted execution environments
US11847253B2 (en) Efficient launching of trusted execution environments
US9537738B2 (en) Reporting platform information using a secure agent
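CN107077560B (zh) System for establishing ownership of a secure workspace
KR20170136406A (ko) Electronic device for authenticating application and operating method thereof
JP2017530471A (ja) Representation of operating system context in a trusted platform module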
US20230106455A1 (en) Efficient launching of trusted execution environments
TWI602078B (zh) Method, apparatus, medium and system for remote trust attestation and geo-location of servers and clients in cloud computing environments
WO2023230836A1 (en) Virtual microcontroller for device authentication in a confidential computing environment
WO2024063903A1 (en) Verifiable attribute maps
Guan et al. An approach to ensure the trustworthiness of cloud platform using the trusted chain

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees